Similarly, Canonical's privacy policy includes mention of the Marketo Munchkin cookie that it uses. According to the description in the privacy policy:

Marketo's cookie allows us to track repeated visits to the website, and link each visit to the information voluntarily provided by the visitor. For example, if the visitor is asked to provide us with their name, company name and email address, we will know the identity of the visitor when they visit the site at a later date, or when we send them email.

Admittedly, the privacy policy also makes clear that Canonical attempts to handle this information securely. On the Canonical blog, Cristian Parrino, vice president online services stated, "we automatically anonymize user logs and that information is never available to the teams delivering services to end users."

However, the IP addresses that may be shared could, in many cases, be enough to identify an otherwise anonymous person. At any rate, given that both the legal notice and privacy policy are subject to change "at Canonical's sole discretion," such statements are less than reassuring. In the end, Ubuntu and Canonical are asking users to trust their unnamed representatives. While there may not be a particular reason to distrust them, no particular reason exists to trust them, either.

Problems with Canonical's Responses

To a degree, Canonical has responded credibly to such concerns. For instance, the ability to turn off the external search results might never have been added except for early criticism of the 12.10 release.

But at the same time, parts of Canonical's response have only made the concerns seem more practical and less like paranoia about the hypothetical. These parts may reflect a misjudgment among Canonical's executives about the company's popularity, or perhaps an impatience with what must sometimes seem like an endless barrage of criticism. But whatever the reason, they do nothing to foster the trust that Canonical expects from its users.

Soon after the controversy began in September 2012, Shuttleworth responded to initial comments on his blog. However, instead of explaining how the changes would improve the desktop, he simply stated that it would, hinting ominously that, without it, Ubuntu "won't be relevant."

Much of the rest of his blog was a collection of non-sequiturs like "It makes perfect sense to integrate Amazon search results in the Dash, because the Home Lens of the Desktop should let you find *anything* anywhere" and verbal quibbles such as "we're not putting ads in Ubuntu. We're integrating online scope results into the home lens of the dash."

As for the issue of trust, Shuttleworth wrote:

Don't trust us? Erm, we have root. You do trust us with your data already. You trust us not to screw up on your machine with every update. You trust Debian, and you trust a large swathe of the open source community. And most importantly, you trust us to address it when, being human, we err.

No doubt he was trying to be humorous, but the combination of the cavalier tone and the false analogy between basic security and open source development models mean that his response utterly failed to offer the reassurance that he was most likely intending.

Efforts by community manager Jono Bacon were equally ineffective. Bacon's first effort was an unusually rambling entry about how operating systems were for both producers and consumers, and the external search results were a feature for consumers. It ended with an insistence that Canonical needed to make money on Ubuntu in order to continue to improve it — a point that few critics would contest, which makes you wonder why he brought it up.